The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
SecurityWeek

API Threats Grow in Scale as AI Expands the Blast Radius

Most API vulnerabilities are fast, remote, and easy to exploit. Attackers take full advantage of these attributes.
Stark Insider

7 Ways to Stop Bleeding Money on AI API Calls

AI API calls are expensive. After our always-on bot burned through tokens, we found seven optimization levers that cut costs ...

AI platforms can be abused for stealthy malware communication

AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabilities can be abused to intermediate ...
India West

Kashmir Conflict Offers China Key Intelligence Insights On India

NEW DELHI – The recent escalation between India and Pakistan over Kashmir is providing China with valuable military intelligence, particularly through its close defense ties with Islamabad. Analysts ...